Monday, April 1, 2013

Global Internet security risk imperiled by public, media apathy

Computer activity
Individual computer security as well as organizational security threatened on Internet[/caption]

Carol Forsloff — If you are one of those who belongs to a social media site, such as Facebook, Fandalism, or Twitter, you likely experienced errors and glitches doing Internet interaction. And if you were a business, it's likely you did as well. That's because the biggest online attack in the history of the Internet occurred this last week.

Kurzweil reports this online attack impacted many servers around the world. For that reason, users saw a widespread number of errors in commenting, posting new information, or even accessing sites.

The attackers faked IP addresses, replacing them with that of the target, a method called "IP spooking". It means that rather than the user going to the expected address on the Internet, instead the server pointed to the address of the fake address.

Despite this huge attack, the news about it was not high profile in the past week. This is in spite of the fact that most of the world's business is conducted over the Internet and the security risks have been discussed for many years. In 2001, some of these details were enumerated in a post by a consulting firm, dedicated to examining and enumerating security risks on the Internet. A security breach would risk the following factors necessary for good business and interaction, for as the consulting firm reminds us the expectations impact critical factors:

  • Availability - assets and services are available to all authorised parties as required.

  • Confidentiality - all private communications, transactions, and data are accessible only to authorised parties.

  • Integrity - provides confidence that assets and data have not been modified by any unauthorised party.

Security issues can impact defense and government interaction and security, as reflected in a demonstration provided by Air Force Lt. Col. Buzz Walsh and Maj. Brad Ashley who met with military leaders and showed them how easy it is to get the Social Security numbers, codes and other key information from the Internet.

Walsh said, "You don't need a Ph.D. to do this,"Walsh said about the ability to gather the information. "There's no rocket science in this capability. What's amazing is the ease and speed and the minimal know-how needed. The tools (of the Net) are designed for you to do this."

But despite the problems related to security, many people neither know how critical these issues are nor are they aware of what to do to protect themselves. The lack of security for both individuals and businesses may relate to the short shrift given the problems. This means private information and financial data can be threatened by security attacks. The need to know is especially important since last week's security breaches reflect how critical it is to provide extra security, precautions, and information so that the public is served, since a global shutdown in many areas is a potential threat so long as security problems exist, businesses, governments and individuals do not have the proper safeguards to deal with them and the media fails to underline the seriousness of the issue itself.